Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
I am running Fedora Core 3 and I'm having issues restricting ssh log in attempts. IT is my understanding that by editing the hosts.allow file & hosts.deny I could limt what IP addresses can access ssh. Here is what I have so far
sshd : 192.168.1.0/20 xxx.xxx.x.xx
So my understanding of this is that it will only allow people that use ssh from my internal LAN and the one IP that is listed. Everyone else is shut off. I restart sshd and it blocks every ssh connection, even the ones on the LAN. Once I comment the lines out ssh works fine. Can anyone tell me what I am doing wrong and also provide a better method to limiting ssh?
I figured out why I could not connect remotely.... somehow my machine "stalled out," thus not working. I went home, rebooted and got it up and running and it is now accepting the connection from the IP that I want it to and denying other connections! Thanks!
Is their a way to run this hosts.allow & deny simultaneously with something that will also accept a specific username no matter where I am trying to connect from? meaning ssh will always allow username "tbrady" to be granted access no matter what IP he is connectiong from?
Distribution: Distribution: RHEL 5 with Pieces of this and that.
Kernel 22.214.171.124, KDE 3.5.8 and KDE 4.0 beta, Plu
I don't think that can be done. I would edit the config in hosts.allow to allow all ip's to sshd. Edit /etc/ssh/ssh_config and add the following.
Yes this will allow someone to try to login but if they fail as unkown user and password then they can not get in. If iptables is setup, it can log the attempts, but it can accumalate a lot of attempts even in one week. You can make the sshd port 22 act as a stealth port so it will not show up as an open port if someone scans your IP. Hven't done it with iptables but should be easy from what I hear. Pam might help in more security as well.
Also make sure root is not able to login to sshd. One can add a script to block IP blocks as they come if someone tries to sshd your machine but after 3 logins fail it adds a rule to iptables to block access to a whole class C range. Have done it but its been awhile. I currently do not remember how but found the info on the internet. Google around net or search here.
Read up on the man pages for ssh and pam and other files they mention. Lots of examples in them.